Senior IT Security Product Specialist
Requisition ID # 92824
Job Category : Information Technology
Job Level : Individual Contributor
Business Unit: Information Technology
The Cybersecurity Services department serves as the centralized cybersecurity technology infrastructure operating arm of Cybersecurity and undertakes a broad range of activities focused on securing PG&E’s network, systems, and data. The Cybersecurity Services is primarily tasked with operating and maintaining PG&E’s privileged access and security technology infrastructure to ensure the safe and reliable operation of PG&E’s cyber security tools and systems within an enterprise-wide setting while ensuring that the deployment of tools as well as their scope is appropriately managed. The Cybersecurity Services department supports projects during the project/software life cycle for PG&E’s standard security solutions to ensure that operation requirements are met. PG&E's Cybersecurity Services, Privileged Access and Directory Management Team support technology that provides Identity life cycle, authentication, and role-based access to our systems.
We are seeking am Senior IT Security Product Specialist in PG&E’s Privileged Access and Directory Management team. The role of this position is to provide support for Active Directory, group policy management, role-based security, and related privileged access management technologies. The successful candidate will provide project consultation, solution deliverables, product documentation, and support on technology product lines, and/or technology service offerings managed by Cybersecurity. The successful candidate will maintain vendor relationships in order to ensure technical performance requirements, for both new and legacy systems, are met and will be responsible for the product’s existing maintenance contracts and/or license compliance, partnering with projects on requests for new product contracts and licenses.
The position will work from your home office (within CA) for the remainder of the year. Once a safe return to the office is identified, the work location is flexible within the company's service territory.
- AA/AS in Computer Science, Business, Engineering or equivalent work experience.
- 4 years of Cybersecurity experience with a minimum of 1 years focus in Privileged Access Management
- Demonstrated experience with Identity and Access Management technologies
- Demonstrated experience in Group Policy Management
- Bachelor's degree in Computer Science, Electrical/Electronic Engineering, or similar field; or equivalent experience
- MS in Computer Science or Information Security
- Provisioning and password safe tools such as Beyond Trust Password safe, Powerbroker for Windows.
- Privileged Access Management Processes including on-boarding, account management, password rotation, password safe policies, and PBW policies
- Strong knowledge of Windows servers
- Strong knowledge of Windows workstations
- Deep understanding of testing and implementation processes for Group Policy implementations
- Familiarity with ssh key management
- Active Directory and other LDAP directories
- Multi-factor authentication such as RSA SecurID
- Understanding of RBAC
Knowledge, Skills, and Abilities:
- Strong written and good oral communication, ability to document diagrams and business cases, and collaboration skills
- Demonstrated ability to work both as an individual contributor and in a team environment
- Proven customer facing skills and the ability to effectively communicate at both a high-level and a technical level
- Security minded and knows how to handle evidence containing sensitive information
- Good grasp of information security fundamentals, concepts, and strategy
- Understanding of modern role based access and delegation security models
- Risk assessment and risk analysis
- Excellent written and verbal communications skills
- Demonstrated technical knowledge of and direct experience working with the following technologies:
- Password Vaulting
- Windows Servers
- Windows Workstations
- Active Directory
- Group Policy Management
- Heterogenous Authentication
- Product Management & Operations: Administration of GPO Admin, Powerbroker for Windows, and Powerbroker Passwordsafe in either a primary or secondary capacity depending on the product and the experience level of the successful candidate.
- IT Product Analysis: Collaborate and confer with the accountable planning organization to develop the technical and business strategic vision and how it applies to the targeted products or services. Understand the product positioning, key benefits, and target users. Gather and analyze changing business and user requirements. In partnership with the planning organization, research new market technologies and make recommendations based on the Company’s future business needs and processes.
- Product Lifecycle: Manage the continuous product lifecycle from research, planning and implementation to retirement, including cost management. Introduce new innovative solutions, create support structure, and integrate product with company standards. Involved in the implementation, including installation, testing, communicating, and documenting of the product. Advocates and communicates key messages and strategies, promotes the product, educates, and trains support staff.
- Solution Design: Interface with internal IT stakeholders to understand and analyze a project’s business and technical requirements. Have the ability to translate requirements into a detailed solution design leveraging the targeted IT products or services for teams to be able to properly deploy and implement. Be familiar with IT planning methodologies. Be able to provide accurate project timelines, labor cost estimates and equipment cost estimates to the project. Have the ability to manage multiple assigned projects.
- Capacity Planning: Manage the enterprise wide technical capacity for the targeted IT products or services. Work with projects to determine the best use of existing capacity for resource allocation. Partner with key stakeholders to determine and understand future capacity. Analyze areas of opportunities to optimize costs of IT products or services. Engage with the product’s vendor to manage the process to request additional units including working with projects needing new product contracts and licenses. Perform contract management and be responsible for understanding and complying with the product’s existing maintenance contracts and/or licenses.
- Provide operational support and work Incidents, Work Orders and Change Control (BMC Remedy)
- Support: Work closely with IT professionals to troubleshoot and resolve issues. Drive conventions and standards (such as usage or configuration) across products to maximize user experience. In the absence of a third-tier support specialist, perform the role of third-tier support to other IT professionals.
- Vendor Technical Liaison: Participate in business, technical, and contract negotiations with vendors. Act as a conduit for vendor relationship, licensing, and incident management. An advocate for business unit and IT operational clients to ensure business requirements are cost effective and needs are met. Provide budget support to IT professionals and stakeholders.
- Documentation: Develops a variety of documentation such as strategies, plans, designs, usage or configuration standards, policies, guidelines, user requirements, roadmaps, reports, metrics, process manuals, configuration manuals, and other documentation specific and necessary for the targeted product or service.